(a) Define the following terms from the context of cyber security: Vulnerability Threat Attack (b) Describe...

Transcribed Image Text:

(a) Define the following terms from the context of cyber security: Vulnerability Threat Attack (b) Describe three non-technical techniques that an attacker could use during the reconnaissance stage of an attack. (c) Consider the following cryptographic cipher: (d) Alice K₁ (H(msg), K (msg)) (i) Bob (i) Draw a block diagram showing how the receiver processes the cipher text indicated above. Indicate on your diagram the processes and the inputs and outputs of each process. (ii) Describe how the above cryptographic cipher could be optimised for improved performance and security. Explain whether a false positive or a false negative occurring on an Intrusion Detection System (IDS) has a more negative outcome for system security. (ii) Explain why an IDS is sometimes preferred even though it could allow behaviour that was detected as suspicious whereas an Intrusion Prevention System (IPS) would have prevented it. (iii) Explain which type of IDS, signature based or anomaly based, would respond more effectively to very new types of attacks such as zero-day vulnerabilities. (a) Define the following terms from the context of cyber security: Vulnerability Threat Attack (b) Describe three non-technical techniques that an attacker could use during the reconnaissance stage of an attack. (c) Consider the following cryptographic cipher: (d) Alice K₁ (H(msg), K (msg)) (i) Bob (i) Draw a block diagram showing how the receiver processes the cipher text indicated above. Indicate on your diagram the processes and the inputs and outputs of each process. (ii) Describe how the above cryptographic cipher could be optimised for improved performance and security. Explain whether a false positive or a false negative occurring on an Intrusion Detection System (IDS) has a more negative outcome for system security. (ii) Explain why an IDS is sometimes preferred even though it could allow behaviour that was detected as suspicious whereas an Intrusion Prevention System (IPS) would have prevented it. (iii) Explain which type of IDS, signature based or anomaly based, would respond more effectively to very new types of attacks such as zero-day vulnerabilities.

Answer rating: 100% (QA)

a Vulnerability Definition A vulnerability in cybersecurity refers to a weakness or flaw in a system application network or process that could be exploited by a threat to compromise the security of th... View the full answer